75 matches found
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
Enhancesoft osTicket Cross-Site Scripting Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Role Name parameter...
CVE-2023-27149
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...
Enhancesoft osTicket Cross-Site Scripting Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Label input paramete...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
CVE-2023-27149
A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...
CVE-2023-27149
CVE-2023-27149 describes a stored XSS in Enhancesoft osTicket v1.17.2, exploitable via crafted payload in the Label input during a custom list update. Affected component: Label field handling in osTicket’s custom lists. Impact per sources: execution of arbitrary web scripts/HTML. Root cause: inpu...
CVE-2023-27148
CVE-2023-27148 describes a stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket Admin panel (v1.17.2). The flaw allows an attacker to inject arbitrary web scripts or HTML via the Role Name parameter, enabling potential script execution in the context of authenticated users with...
Enhancesoft osTicket SQL Injection Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. A security vulnerability exists in Enhancesoft osTicket v1.15.6, which originates from an SQL injection vulnerability in the Search function of the tickets.php page, allowing an authenticated attacker to execute...
Enhancesoft osTicket 安全漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that stems from a lengthy password that can lead to a denial of service in the system...
Enhancesoft osTicket SQL注入漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in osTicket osTicket-plugins, which stems from the presence of a SQL injection vulnerability...
Enhancesoft osTicket 跨站脚本漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in versions prior to Enhancesoft osTicket v1.16.6, which stems from the presence of a Reflected Cross-Site Scripting XSS vulnerability...
Enhancesoft osTicket 跨站脚本漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in versions prior to Enhancesoft osTicket v1.16.6, which stems from the presence of a cross-site scripting XSS vulnerability...
Enhancesoft osTicket 跨站脚本漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in Enhancesoft osTicket versions prior to 1.16.6, which stems from the presence of a stored cross-site scripting XSS vulnerability. The vulnerability ca...
Enhancesoft osTicket 跨站脚本漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket versions prior to 1.16.4. The vulnerability stems from setting an ordinary user's username as the XSS payload, and then placing the same XSS...
Enhancesoft osTicket 跨站脚本漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket, which stems from its component audit/class.audit.php that allows attackers to execute arbitrary web script or HTML via a crafted SVG file...
Enhancesoft osTicket SQL注入漏洞
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that originates from an SQL injection during the login and password reset process. An attacker could exploit this vulnerability to gain acce...
CVE-2020-22608
Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php...
CVE-2020-22609
Cross Site Scripting XSS vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php...
CVE-2020-22608
Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php...